So, you want to get into CyberSecurity

This is just a collection of pieces of advice I have provided to friends/family/acquaintances over the years. It isn't an end all list or guaranteed roadmap of how to get a career in cybersecurity, but it is hopefully a start for someone out there! Keep in mind as I write this, I have only ever … Continue reading So, you want to get into CyberSecurity

The 10 Immutable Laws of Security Administration

Found the following 'Immutable laws of Security Administration' the other day. Apparently Microsoft first published this back in 2000. That is twenty years ago now. For reference, common technology in use back then: The first camera phone appeared, The Sims was launched, and USB drives were just then becoming commonplace. https://www.computerhistory.org/timeline/2000/ What is crazy to … Continue reading The 10 Immutable Laws of Security Administration

Corporate Blog: A Look at the Kaseya Incident

This is a blog post I wrote for LifeOmic: Ransomware is a scourge on businesses everywhere today, and the Kaseya ransomware incident was no different. Except, it was an exceptional attack that utilized advanced procedures not normally seen in large scale, public, ransomware incidents. TrueSec provides an excellent overview of the initial compromise: Obtained an … Continue reading Corporate Blog: A Look at the Kaseya Incident

S3 Replication with KMS

After much research, I have realized that there isn't really a concise, straight to the point guide on designing replication in S3, using SSE-KMS, and cross-account ownership. So, a quick guide on what has worked for me: In your ORIGIN ACCOUNT Create origin BucketCreate origin IAM roleCreate origin IAM PolicyCreate origin KMS keySet up origin … Continue reading S3 Replication with KMS

Multiple KMS Principals in Terraform

CORRECTION: You can actually implement policies through the normal procedure, example below: principals { type = "AWS" identifiers = [ "ARN", "ARN" } However - You must verify that your Roles are already created! Otherwise you will get what appears to be a generic failure. It was just a coincidence for me that I deployed … Continue reading Multiple KMS Principals in Terraform

COVID19 Threat Sharing Group

Recently I joined a COVID19 threat sharing group. It is pretty amazing watching the data analysis and community driven response to the pandemic. One of the biggest contributions the community has made is publishing an easy to access blacklist: https://blocklist.cyberthreatcoalition.org/vetted/At time of this writing the domain and URL categories are very fleshed out, and each … Continue reading COVID19 Threat Sharing Group